last person joined: 3 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).

IAP Uplink 802.1x / MAB on Trunk Port

  • 1.  IAP Uplink 802.1x / MAB on Trunk Port

    Posted 16 days ago
    HI Airheads,

    I'm researching a customer requirement to enable 802.1x or MAB authentication of an Aruba IAP on a Cisco IOS switchport with ClearPass. 

    Simple right? well if this were a CAP then i'd say yes but given the IAP needs a trunk port i'm struggling to find a workable solution. 

    The challenge is many older IOS versions don't support 802.1x on trunk ports. 

    There are some newer features like Cisco NEAT which seems to meet the requirement however it looks like this might be a little too vendor specific (it's designed to auth downstream switches)  to actually work properly. 

    So putting it to the brains collective, has anybody actually done this before? did it work ok? any traps?

    Cisco has a guide on Flexconnect AP on trunk port so it looks like its just crazy enough that it might work!


    Scott Doorey